Dragonfly researcher Ivan Bogatyy was able to use as much as $60 per week on the Amazon Web Services to expose a critical vulnerability on the MimbleWimble privacy architecture as we are reading further in our blockchain latest news today.
The flaw discovered in the MW protocol could leave a hole in the network’s aspiration of being a viable alternative to the other privacy-focused blockchains such as Monero and Zcash. In a recent Medium post, the Dragonfly researcher said he was able to expose the critical vulnerability of about 96 percent of the GRIN transactions on the Mimblewimble. According to Bogatyy, this issue of the MW protocol only cost $60 per week on Amazon’s cloud computing platform.
An excerpt from the blog post by Bogatyy showing the complexity of the problem and the ease which the attackers were able to exploit the vulnerability reads:
‘’In my attack, I was able to link 96% of all transactions while only connecting to 200 peers out of the total 3000 peers in Grin’s network. But if I wanted to spend a bit more money, I could easily connect to 3000 nodes to disaggregate almost all transactions.’’
Bogatty referred to the process of preventing the transactions from coupling along with the MW coinjoin which guarantees anonymity. While some of the other privacy-focused cryptos use decoy UTXO or shielded transactions, the mimblewimble protocol provides anonymity by means of massive coinjoins.
buy amoxicillin generic https://buynoprescriptiononlinerxx.com/amoxicillin.html over the counter
Each one is an amalgamation of a few transactions in one block to create the anonymity set.
Bogatyy did explain that the vulnerability was known to the MW developers but his findings prove that it requires a lot less capital outlay to exploit the weakness in the protocol’s privacy architecture. For the Dragonfly researcher, the easiness with which the attackers are able to take advantage of the vulnerability also makes MW a very poor alternative to coins such as Zcash (ZEC) and Monero (XMR) and according to him:
‘’The problem is inherent to Mimblewimble, and I don’t believe there’s a way to fix it. This means Mimblewimble should no longer be considered a viable alternative to Zcash or Monero when it comes to privacy.’’
DC Forecasts is a leader in many crypto news categories, striving for the highest journalistic standards and abiding by a strict set of editorial policies. If you are interested to offer your expertise or contribute to our news website, feel free to contact us at [email protected]
Discussion about this post